HTTPS sadly offers no protection from that at all these days. At least in the past when something was HTTPS you knew that someone had to jump through some hoops and pay some real money to earn that padlock, but now any script kiddie can automate certificates for free for as many lookalike domains they want to.

It would be nice to see some way for browsers to indicate when a site has some extra validation so you could immediately see that your bank has a real certificate as is appropriate for a bank and not just Let's Encrypt. Yes, I can click the padlock icon to get that information, but it would be nice if there was some light warning for free certificates to make it more immediately obvious.